2011-10-08 17:36:38 -04:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2014-04-12 04:56:37 -04:00
|
|
|
describe "Users Security", feature: true do
|
2011-10-08 17:36:38 -04:00
|
|
|
describe "Project" do
|
2011-10-26 09:46:25 -04:00
|
|
|
before do
|
2012-11-05 22:31:55 -05:00
|
|
|
@u1 = create(:user)
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
|
|
|
|
2011-10-26 09:46:25 -04:00
|
|
|
describe "GET /login" do
|
2011-10-17 06:39:03 -04:00
|
|
|
it { new_user_session_path.should_not be_404_for :visitor }
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
|
|
|
|
2013-06-24 12:24:27 -04:00
|
|
|
describe "GET /profile/keys" do
|
|
|
|
subject { profile_keys_path }
|
2012-08-25 13:43:55 -04:00
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
|
|
|
|
2011-10-26 09:46:25 -04:00
|
|
|
describe "GET /profile" do
|
2012-08-25 13:43:55 -04:00
|
|
|
subject { profile_path }
|
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
|
|
|
|
2012-09-14 12:13:25 -04:00
|
|
|
describe "GET /profile/account" do
|
2013-10-09 12:03:09 -04:00
|
|
|
subject { profile_account_path }
|
2012-12-02 06:29:24 -05:00
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /profile/design" do
|
|
|
|
subject { design_profile_path }
|
2012-08-25 13:43:55 -04:00
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
2013-09-25 07:05:03 -04:00
|
|
|
|
|
|
|
describe "GET /profile/history" do
|
|
|
|
subject { history_profile_path }
|
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /profile/notifications" do
|
|
|
|
subject { profile_notifications_path }
|
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /profile/groups" do
|
|
|
|
subject { profile_groups_path }
|
|
|
|
|
|
|
|
it { should be_allowed_for @u1 }
|
|
|
|
it { should be_allowed_for :admin }
|
|
|
|
it { should be_allowed_for :user }
|
|
|
|
it { should be_denied_for :visitor }
|
|
|
|
end
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
|
|
|
end
|